As I Have Got some holiday's, i thought to do something interesting .So i thought why not solve Pentester Academy Web Application Challenges...and here i'am starting from the first challenge.
I captured the login request using burp with random password and username which is shown above.
As it is a form based login so only we have to iterate over password field and username which has only two possibilties jack & admin .
Here is my Python Code for the above problem:
It Is fairly a simple code.But who do not have knowledge of Python urllib2 library,i have another solution for You ...
You can intercept the request using the burp and then send the Request to the Burp Intruder and apply payload only for password....
You can intercept the request using the burp and then send the Request to the Burp Intruder and apply payload only for password....
then create and load a password list in the payload option and then start the attack.
And you will find Email-admin@pentesteracadmey.com, Password-zzzxy
No comments:
Post a Comment